| Author |
Lasco worm’s author's interview and a self confessed Nokia fan |
axxxr
Joined: Mar 21, 2003
Posts: > 500
From: Londinium
PM, WWW
|
Via: mobilemonday.net
Marcus Velasco, 32, is the author of the latest Symbian worm Lasco.And is also a self confessed Nokia fan.
The author of the Symbian worm, Lasco, says he doesn’t wish his viruses spread, but predicts that his work will take the threat of mobile malware to the next level.
Brazilian programmer Marcos Velasco, 32, lives in Rio de Janeiro with his wife and kids. Velasco has published his virus code, a practice that is seriously frowned upon by security experts.
Making malware available has also been criminalized in most industrialized countries.
“I’m a professional programmer. Viruses, hacking and security are my favourites. Viruses are my life,” says Velasco in the email interview he granted to Finnish IT weekly, ITviikko. The interview will be published in Finnish on January 20.
Velasco published his version of the Cabir worm’s source code in December. Cabir is the first malware to infect mobile phones and spread via Bluetooth. The original worm was introduced last summer by the virus writing group, 29a.
“I wanted to demonstrate how the worm works. The reason I published the source code was that the anti-virus researchers at Kaspersky did not believe it was mine.”
Velasco rebuilt Cabir from scratch on the basis of the worm’s description published by anti-virus companies.
“My work was easy because I reused a lot of code available on the Internet, for example from symbian.com.”
Velasco made a few corrections of his own. Velasco’s version of the worm is capable spreading from one mobile phone to another without a reboot, unlike the orginal Cabir.
In addition he also made a new mobile worm, dubbed Lasco.A by anti-virus companies. Lasco is based on the same source as Velasco’s Cabir.H but unlike Cabirs it also infects Symbian installation system files (.sis) making it the first mobile malware that spread’s using two methods.
Velasco says he does not wish that his viruses actually spread.
“I’m not trying to spread the worms and I don’t want them to spread.”
He also acknowledges that the publicly available source code will most likely speed up the development of new mobile malware.
“The release of Lasco’s source code will take the virus scene in the cellular world to a totally new level. Maybe the year 2005 will be remembered as the year of mobile malware.”
Velasco says that he has no plans to publish more malware for mobile phones.
“At the moment I think Lasco is my last mobile virus. It’s the first real mobile virus and that’s enough for me.”
Velasco points also out the fact that unlike in many other countries virus writing is not against the law in Brazil.
“The politicians are working on new computer crime law, but I’ll continue my studies with viruses regardless of the outcome.”
Velasco denies he released his source code in the hope of a work offer from a security company.
“I work in my own company and I don’t think that will change. Security is a hobby to me. I respect the anti-virus companies. I actually recommend Kaspersky and F-Secure for my friends. Kasperskys scanner is the best, but F-Secure has the best virus remover.”
Tough Lasco and Cabir targets Nokia’s Series 60 platform Velasco says he’s a big fan of Nokia’s phones.
“I have a 7650, which is a beautiful phone. I’m not going to by any other company’s phones.”
According to F-Secure there are no reports indicating that either Lasco or Cabir.H are in the wild. Mikko Hyppönen, director of anti-virus research at F-Secure, predicts that eventually they will take off.
“I think we’ll definitely notice when that happens.”
Newer versions of Cabir and Lasco will probably spread faster than the original Cabir. Hyppönen points out that even the original Cabir has spread to nime countries despite being able to infect only one phone at a time without a reboot.
Hyppönen also strongly criticises the Velasco’s decision of going public with the source and the binaries.
“It’s dangerous, foolish and childish,” he says.
Hyppönen says that the Lasco author also published a Windows dropper, which can be used to infect sis files even without a proper Symbian phone.
“Now basically anyone can distribute malicious sis files.”
[addsig] | |
|
Debu
Joined: Jan 15, 2003
Posts: > 500
From: Colchester, UK
PM |
Quote:
|
“I have a 7650, which is a beautiful phone. I’m not going to by any other company’s phones.”
|
|
Is this guy mental? 
Visit My Blog : Debu's Innovations'When nine hundred years old you will be, look as good, you will not' - Yoda |
govigov
Joined: Jul 30, 2004
Posts: > 500
From: Back home - Cochin
PM |
I agree, it is totally childish to release a source code in the net. The damage is already done. The only question is how to minimise it.
| |
|
Access the forum with a mobile phone via esato.mobi
|
Posted: 2005-01-19 20:54
